exa-entities

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill repeatedly fetches and returns text from open/public third-party sources (e.g., exa.search_and_contents, exa.get_contents, and exa.websets.enrich which pull content from categories like linkedin_profile, personal_site, github, and news), and the agent is expected to read and parse that untrusted/user-generated content (e.g., using r.text, company.text), exposing it to indirect prompt injection.